Thursday, December 9, 2010

Hex Encoded IP Permutation Challenge

Background

One well-known technique to evade a web filtering proxy is to encode the host part of a URL in hex, binary, base32, etc. I successfully tested this trick against a Privoxy proxy, but it failed to work against a Blue Coat proxy. If the proxy server is clever enough to convert such simple obfuscations to a standard form prior to comparing the request against its policies, then this trick would not work.
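The "convert to a standard form before comparing against policy" step described above, sketched as an added example (not code from the original post or from any proxy product). It assumes clients resolve numeric hosts using the BSD inet_aton convention (one to four components, each decimal, 0-prefixed octal, or 0x-prefixed hex, with the last component filling the remaining bytes), which is broader than the hex case discussed here; `canonical_host`, `is_blocked` and `BLOCKED` are hypothetical names.

```python
import ipaddress

BLOCKED = {"1.2.3.4"}  # constructed policy entry (the post's sample address)


def _parse_part(part):
    """Parse one dot-separated component as C-style decimal, octal or hex."""
    low = part.lower()
    if low.startswith("0x"):
        digits, base = low[2:], 16
    elif len(low) > 1 and low.startswith("0"):
        digits, base = low[1:], 8
    else:
        digits, base = low, 10
    allowed = "0123456789abcdef"[:base]
    # Validate explicitly: int() alone would accept '_', '+', spaces, etc.
    if not digits or any(ch not in allowed for ch in digits):
        raise ValueError("not a numeric component: %r" % part)
    return int(digits, base)


def canonical_host(host):
    """Return the dotted-decimal form of a numeric IPv4 host.

    Returns None when the host is not numeric (for example a DNS name)
    or does not fit in 32 bits.
    """
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    try:
        values = [_parse_part(p) for p in parts]
    except ValueError:
        return None
    # Leading components are one byte each; the last fills the rest.
    *head, last = values
    if any(v > 0xFF for v in head) or last >= 256 ** (4 - len(head)):
        return None
    addr = last
    for i, v in enumerate(head):
        addr |= v << (8 * (3 - i))
    return str(ipaddress.IPv4Address(addr))


def is_blocked(host):
    """Match policy on the canonical form, falling back to the name."""
    return (canonical_host(host) or host.lower()) in BLOCKED
```

Every encoding of the same 32-bit address reduces to one string, so the policy list only needs the dotted-decimal entry.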

Challenge

While experimenting with this proxy evasion trick, I ran across an algorithm challenge. I am trying to write a script which would output all valid permutations of an IP comprised of hex and decimal values. So, let's suppose we have an IP address (dotted decimal notation) 1.2.3.4 and it could also be represented in its hex notation as a.b.c.d (1.2.3.4 = a.b.c.d), such that a=1, b=2, c=3, d=4. I am trying to generate all valid permutations, for example a.2.3.4, 1.2.3.d, ab.3.4, a.2.cd, etc.

A permutation is valid if it conforms to the following three simple rules:

1. A permutation must have only 4 values, each of which could be either a hex or a decimal representation. Example: ab.2.3.4 is invalid, because it has 5 values: two hex values (a, b) and three decimal values (2, 3, 4).

2. Only hex values can be combined together without a dot. All other combinations must be separated by a dot. Example: ab.3.4 is valid; however, a2.3.4 and a.23.4 are invalid. The latter violates rule #1 as well.

3. The positions of the values are fixed. So in our example, 'a' and 1 are the only two values which can hold the first octet (position), 'b' and 2 the second octet, etc.

If you have the programming chops to do this in an efficient manner, I would like to see the code or pseudo code. You can either post your solution in the comments or email me.

Proposed (hack) Solution

Disclaimer: I am not a professional programmer, nor do I claim to be an accomplished programmer.

#!/usr/bin/env python

import re

# Validate host permutation
permre = re.compile('0x0[a-f]{1}|0x[0-9]{2}|0x[0-9][a-f]|[0-9]{1,3}')

# To keep the focus on the algorithm, I am not including the code which
# populates the following lists based on a given dotted-decimal notation IP.